Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
File:                     0jhr7YO2RaK64TifU9llfZGedtE.mft (raw, json)
Hash identifier:          SMjy/gOUJ40osOc1qEQa2C2hlBxcZFDoyEX32+/QeoI=
Subject key identifier:   B4:F6:62:A3:D4:8E:E2:1D:9C:E8:1C:80:8B:36:38:A2:E3:6E:60:EF
Authority key identifier: D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1
Certificate issuer:       /CN=d2386bed83b645a2bae1389f53d9657d919e76d1
Certificate serial:       0199FFC7B22B44C7B7B67C4792B15CC885D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
Manifest number:          0AA9
Signing time:             Mon 20 Oct 2025 04:01:41 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:41 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:41 +0000
Files and hashes:         1: 0jhr7YO2RaK64TifU9llfZGedtE.crl (hash: kqhownuhYVRQ331LmKqXM5rGPiuhNswThsZInrwxXbs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 04:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:b2:2b:44:c7:b7:b6:7c:47:92:b1:5c:c8:85:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2386bed83b645a2bae1389f53d9657d919e76d1
        Validity
            Not Before: Oct 20 04:01:41 2025 GMT
            Not After : Oct 21 04:01:41 2025 GMT
        Subject: CN=b4f662a3d48ee21d9ce81c808b3638a2e36e60ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:ff:d3:df:2d:f4:a0:3d:cb:6d:f2:2e:cf:bd:
                    fe:3c:77:58:c8:3d:e5:46:95:60:64:35:bd:10:19:
                    3f:f3:e8:55:3a:f7:8a:51:02:ee:59:cb:4f:ec:14:
                    2c:bb:05:e8:7b:e7:dc:3b:25:0f:f3:04:c0:be:53:
                    e1:7d:25:7a:1f:ad:dc:8b:e6:06:ae:69:06:db:9d:
                    ea:95:fd:0c:95:bd:3d:9d:66:ba:84:32:02:58:4f:
                    5c:f1:ff:89:de:3b:38:fa:bb:99:d8:60:0b:65:8a:
                    b3:96:ad:c2:d0:8d:54:12:33:75:5d:09:62:e7:55:
                    56:c1:bb:7a:41:30:5b:3a:5c:29:cf:5a:bb:06:a2:
                    11:b2:51:56:09:cd:52:0a:74:30:3c:85:e6:f7:53:
                    eb:16:81:ed:ff:03:b8:37:d5:f5:a1:0c:c0:ce:05:
                    a4:ee:6a:c1:c7:98:52:97:8d:f3:65:82:a7:25:11:
                    af:ef:65:2a:5a:38:b6:2f:29:e5:86:9e:7d:0a:5a:
                    ec:d8:e0:91:7c:18:6c:c5:6a:53:33:af:b7:bb:06:
                    1b:39:c0:6f:72:2f:87:d6:48:ea:be:be:d3:8d:c0:
                    ae:a2:b2:5e:86:9d:d2:7b:eb:99:17:6c:ca:08:ec:
                    49:b5:57:a2:1c:46:31:1f:77:c4:26:a0:98:5c:63:
                    ca:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:F6:62:A3:D4:8E:E2:1D:9C:E8:1C:80:8B:36:38:A2:E3:6E:60:EF
            X509v3 Authority Key Identifier:
                keyid:D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:b5:3d:96:ef:d9:2a:80:f4:20:e9:59:cc:80:bf:db:02:f4:
         b8:2c:b5:c9:d2:c1:f8:c0:94:67:2e:c9:a1:71:50:24:13:ec:
         c5:ed:dd:de:e3:e0:88:b4:9b:95:cc:14:33:09:b3:a9:99:72:
         09:f6:33:08:ca:5d:0a:16:7c:9e:63:86:55:b0:b8:04:d5:88:
         e7:76:8b:f5:78:ab:9d:ab:57:a9:55:f0:b0:e3:c4:d5:f9:70:
         e8:8b:7f:49:a8:cd:54:4a:34:b0:16:42:6e:48:71:61:7a:03:
         3e:ce:92:e6:77:20:5f:14:8b:e8:83:75:88:5b:1b:30:1b:3e:
         24:18:71:e7:ad:c2:58:a3:94:62:2e:1c:ed:a3:f7:5c:d4:51:
         01:af:7f:09:eb:1d:51:20:de:3a:84:a7:f7:ee:ed:25:85:b9:
         2e:0a:98:7d:36:c4:17:3b:b4:cb:aa:41:85:55:ad:bd:af:3f:
         60:06:8b:47:f9:24:e4:d8:a6:80:1c:ec:9b:ad:01:79:6c:c5:
         df:b1:24:a3:f1:50:c6:c1:8a:14:56:30:4e:ab:86:8c:0f:39:
         32:56:85:02:02:20:cb:b8:6c:f1:da:25:33:31:d6:bd:5a:81:
         b3:9c:63:06:34:39:e0:ff:44:ea:16:bb:f5:69:43:de:f1:57:
         0f:8f:a9:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x7IrRMe3tnxHkrFcyIXZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzg2YmVkODNiNjQ1YTJiYWUxMzg5ZjUzZDk2NTdkOTE5
ZTc2ZDEwHhcNMjUxMDIwMDQwMTQxWhcNMjUxMDIxMDQwMTQxWjAzMTEwLwYDVQQD
EyhiNGY2NjJhM2Q0OGVlMjFkOWNlODFjODA4YjM2MzhhMmUzNmU2MGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo//T3y30oD3LbfIuz73+PHdYyD3l
RpVgZDW9EBk/8+hVOveKUQLuWctP7BQsuwXoe+fcOyUP8wTAvlPhfSV6H63ci+YG
rmkG253qlf0Mlb09nWa6hDICWE9c8f+J3js4+ruZ2GALZYqzlq3C0I1UEjN1XQli
51VWwbt6QTBbOlwpz1q7BqIRslFWCc1SCnQwPIXm91PrFoHt/wO4N9X1oQzAzgWk
7mrBx5hSl43zZYKnJRGv72UqWji2Lynlhp59Clrs2OCRfBhsxWpTM6+3uwYbOcBv
ci+H1kjqvr7TjcCuorJehp3Se+uZF2zKCOxJtVeiHEYxH3fEJqCYXGPKzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLT2YqPUjuIdnOgcgIs2OKLjbmDvMB8GA1UdIwQY
MBaAFNI4a+2DtkWiuuE4n1PZZX2RnnbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTkt
MDM0MzgzNTFhMzY5LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTktMDM0MzgzNTFhMzY5
LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARrU9lu/Z
KoD0IOlZzIC/2wL0uCy1ydLB+MCUZy7JoXFQJBPsxe3d3uPgiLSblcwUMwmzqZly
CfYzCMpdChZ8nmOGVbC4BNWI53aL9XirnatXqVXwsOPE1flw6It/SajNVEo0sBZC
bkhxYXoDPs6S5ncgXxSL6IN1iFsbMBs+JBhx563CWKOUYi4c7aP3XNRRAa9/Cesd
USDeOoSn9+7tJYW5LgqYfTbEFzu0y6pBhVWtva8/YAaLR/kk5NimgBzsm60BeWzF
37Eko/FQxsGKFFYwTquGjA85MlaFAgIgy7hs8dolMzHWvVqBs5xjBjQ54P9E6ha7
9WlD3vFXD4+pGA==
-----END CERTIFICATE-----